diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java index 65d336b32c6e4..5b529e2a6052c 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslMechanismFactory.java @@ -17,7 +17,6 @@ */ package org.apache.hadoop.security; -import org.apache.hadoop.HadoopIllegalArgumentException; import org.apache.hadoop.classification.InterfaceAudience; import org.apache.hadoop.classification.InterfaceStability; import org.apache.hadoop.conf.Configuration; @@ -36,39 +35,34 @@ public final class SaslMechanismFactory { static final Logger LOG = LoggerFactory.getLogger(SaslMechanismFactory.class); private static final String SASL_MECHANISM_ENV = "HADOOP_SASL_MECHANISM"; - private static final String SASL_MECHANISM; + private static volatile String mechanism; - static { + private static synchronized String getSynchronously() { // env final String envValue = System.getenv(SASL_MECHANISM_ENV); LOG.debug("{} = {} (env)", SASL_MECHANISM_ENV, envValue); // conf - final Configuration conf = new Configuration(false); + final Configuration conf = new Configuration(); final String confValue = conf.get(HADOOP_SECURITY_SASL_MECHANISM_KEY, HADOOP_SECURITY_SASL_MECHANISM_DEFAULT); LOG.debug("{} = {} (conf)", HADOOP_SECURITY_SASL_MECHANISM_KEY, confValue); - if (envValue != null && confValue != null) { - if (!envValue.equals(confValue)) { - throw new HadoopIllegalArgumentException("SASL Mechanism mismatched: env " - + SASL_MECHANISM_ENV + " is " + envValue + " but conf " - + HADOOP_SECURITY_SASL_MECHANISM_KEY + " is " + confValue); - } - } - - SASL_MECHANISM = envValue != null ? envValue + // env has a higher precedence than conf + mechanism = envValue != null ? envValue : confValue != null ? confValue : HADOOP_SECURITY_SASL_MECHANISM_DEFAULT; - LOG.debug("SASL_MECHANISM = {} (effective)", SASL_MECHANISM); + LOG.debug("SASL_MECHANISM = {} (effective)", mechanism); + return mechanism; } public static String getMechanism() { - return SASL_MECHANISM; + final String value = mechanism; + return value != null ? value : getSynchronously(); } - public static boolean isDefaultMechanism(String mechanism) { - return HADOOP_SECURITY_SASL_MECHANISM_DEFAULT.equals(mechanism); + public static boolean isDefaultMechanism(String saslMechanism) { + return HADOOP_SECURITY_SASL_MECHANISM_DEFAULT.equals(saslMechanism); } private SaslMechanismFactory() {} diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslRpcServer.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslRpcServer.java index d7e1831b90cb4..bb306836dc15e 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslRpcServer.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/SaslRpcServer.java @@ -29,6 +29,7 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.function.Supplier; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; @@ -225,19 +226,21 @@ public enum AuthMethod { SIMPLE((byte) 80, ""), KERBEROS((byte) 81, "GSSAPI"), @Deprecated - DIGEST((byte) 82, SaslMechanismFactory.getMechanism()), - TOKEN((byte) 82, SaslMechanismFactory.getMechanism()), + DIGEST((byte) 82, SaslMechanismFactory::getMechanism), + TOKEN((byte) 82, SaslMechanismFactory::getMechanism), PLAIN((byte) 83, "PLAIN"); /** The code for this method. */ public final byte code; - public final String mechanismName; + private final Supplier mechanismName; private AuthMethod(byte code, String mechanismName) { + this(code, () -> mechanismName); + } + + AuthMethod(byte code, Supplier mechanismName) { this.code = code; this.mechanismName = mechanismName; - LOG.info("{} {}: code={}, mechanism=\"{}\"", - getClass().getSimpleName(), name(), code, mechanismName); } private static final int FIRST_CODE = values()[0].code; @@ -253,7 +256,7 @@ private static AuthMethod valueOf(byte code) { * @return mechanismName. */ public String getMechanismName() { - return mechanismName; + return mechanismName.get(); } /**